$t0 = microtime(true);
for ($i = 0; $i < $imax; ++$i) {
$tmp = Crypt2007::crypt_sha512($password, $count, $salt, false);
}
$t1 = microtime(true);
print "crypt_sha512 php\t{$count}\t" . $imax / ($t1 - $t0) . " RPS\n";
$count = 5000;
$t0 = microtime(true);
for ($i = 0; $i < $imax; ++$i) {
$tmp = Crypt2007::crypt_sha256($password, $count, $salt, true);
}
$t1 = microtime(true);
print "crypt_sha256 native\t{$count}\t" . $imax / ($t1 - $t0) . " RPS\n";
$t0 = microtime(true);
for ($i = 0; $i < $imax; ++$i) {
$tmp = Crypt2007::crypt_sha256($password, $count, $salt, false);
}
$t1 = microtime(true);
print "crypt_sha256 php\t{$count}\t" . $imax / ($t1 - $t0) . " RPS\n";
}
//
$hash_cost_log2 = 7;
$hash_portable = false;
$t0 = microtime(true);
$hasher = new PasswordHash($hash_cost_log2, $hash_portable);
for ($i = 0; $i < $imax; ++$i) {
$hash = $hasher->HashPassword($password);
}
// $2a$
print "{$hash}\n";
$t1 = microtime(true);
function testValidate()
{
$expected = '$5$rounds=5000$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5';
$actual = Crypt2007::crypt_sha256('Hello world!', 5000, 'saltstring', true);
$this->assertEquals($expected, $actual);
$this->assertTrue(Crypt2007::validate('Hello world!', $expected, true));
$this->assertFalse(Crypt2007::validate('Goodbye world!', $expected, true));
$this->assertTrue(Crypt2007::validate('Hello world!', $expected, false));
$this->assertFalse(Crypt2007::validate('Goodbye world!', $expected, false));
$expected = '$6$rounds=5000$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1';
$actual = Crypt2007::crypt_sha512('Hello world!', 5000, 'saltstring', true);
$this->assertEquals($expected, $actual);
$this->assertTrue(Crypt2007::validate('Hello world!', $expected, true));
$this->assertFalse(Crypt2007::validate('Goodbye world!', $expected, true));
$this->assertTrue(Crypt2007::validate('Hello world!', $expected, false));
$this->assertFalse(Crypt2007::validate('Goodbye world!', $expected, false));
// negative cases
// unknown algorithm
$expected = '$1$rounds=5000$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1';
$this->assertFalse(Crypt2007::validate('Hello world!', $expected, false));
// not enought '$'
$expected = '$6$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1';
$this->assertFalse(Crypt2007::validate('Hello world!', $expected, false));
// rounds are too low
$expected = '$6$round=999$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1';
$this->assertFalse(Crypt2007::validate('Hello world!', $expected, false));
}
